first commit
This commit is contained in:
julien
48
modules/config.sh
Executable file
48
modules/config.sh
Executable file
@@ -0,0 +1,48 @@
|
||||
#!/bin/bash
|
||||
|
||||
source $config_file
|
||||
|
||||
echo
|
||||
echo " => Configuration"
|
||||
echo
|
||||
|
||||
# Check config
|
||||
if [ ! -z $config ]; then
|
||||
echo "Configuration already applied."
|
||||
exit
|
||||
fi
|
||||
|
||||
# Enable firewall
|
||||
ufw enable
|
||||
ufw default deny incoming
|
||||
ufw default allow outgoing
|
||||
|
||||
# Grub configuration
|
||||
sed -i "s/GRUB_CMDLINE_LINUX_DEFAULT=\"quiet/& loglevel=3 nowatchdog/" /etc/default/grub
|
||||
update-grub
|
||||
|
||||
# Server only configuration
|
||||
if [ $profile = server ]; then
|
||||
# Firewall configuration
|
||||
ports="ssh
|
||||
http
|
||||
https
|
||||
imap
|
||||
imaps
|
||||
smtp
|
||||
smtps"
|
||||
for i in $ports
|
||||
do
|
||||
ufw allow $i
|
||||
done
|
||||
|
||||
# SSH keys only
|
||||
echo -e "# SSH keys only\nPasswordAuthentication no\nPubkeyAuthentication yes" > /etc/ssh/sshd_config.d/custom.conf
|
||||
fi
|
||||
|
||||
# Desktop only configuration
|
||||
if [ $profile = desktop ]; then
|
||||
# Disable all managed interfaces excerpt loopback from /etc/network/interfaces file to allow NetworkManager to manage them
|
||||
sed -i '/# The primary network interface/Q' /etc/network/interfaces
|
||||
fi
|
||||
|
||||
Reference in New Issue
Block a user